Insurance Claims Fraud Detection

Common Claims Repository

Luther Systems has developed a Common Claims Repository using its proprietary LEIA (“Luther Enterprise Infrastructure Architecture) platform. This Common Claims Repository enables a secure sharing of claims details, which can assist insurance companies in the detection of duplicate claims fraud.

Background

A study done by the Reinsurance Group of America in 2017 found that fraud related organizational losses are between 3%, and more likely to be around 6%, of total expenditure. The Coalition Against Insurance Fraud estimate that around 80 billion dollars a year is lost by US insurers. Further, it is estimated that between 3% to 4% of all claims are in fact fraudulent.

The study further found the highest instance of claims fraud in the Asia Pacific, topping at around 4.1%. The losses from fraud result in not only a higher cost of care, but more importantly, in higher insurance premiums. In 2017, insurance companies in Singapore paid out 668 million dollars, which based upon a 3% to 4% fraud rate, would result in approximately 20 to 26 million dollars a year in fraud.

Duplicate claims fraud are difficult to detect, since the insurance companies are legally unable to share customer data with their competitors. It is also not possible to disclose personally identifiable information. There is no existing technical solution that allows insurance companies to identify suspected duplicate claims while maintaining data privacy.

For example, a malicious claimant could submit a legitimate claim to Insurance Company A. They could then duplicate the claim, and submit it to Insurance Company B. Using existing technology, there is no easy way for Insurance Company B to know that the same claim was submitted to Insurance Company A.

Luther Product: How it works

Luther Systems has developed the Common Claims Repository using blockchain technology to address this need. It uniquely enables multiple participants in a network to detect duplicate claims while maintaining the confidentiality and integrity of their claimants data. Luther Shared Claims Repository creates a private network between resident insurers, which enables them to securely store encrypted copies of a submitted claim for validation.

It is important to find the right number of fields that claims share in order to be detected as a duplicate. A number of standard claims fields common to the insurers involved were selected. If a certain percentage of fields match then the claim is flagged as a duplicate.

When a claim which is submitted to the system is recognized as a duplicate, it is flagged for further investigation. No private data is actually stored upon the blockchain, and insurers are not able to glean details about other insurer's data. Also, claims data is transmitted to the Common Claims Repository, using Luther’s Systems proprietary multi-signature hashing methodology. This ensures that no unencrypted claims data leaves an insurer’s network.

Multiple insurers join the network, and each submits their encrypted claims to the Shared Claims Repository. The system automatically detects the claim which has been submitted before, and flag that up for the submitting insurance company. This all happens on the hashed representation of a claim, ensuring that no personally identifiable information leaves the insurers network.

Product Benefits

Two KPIs were set up at the beginning of the project to measure success of the Common Claims Repository: false positive rate and privacy.

First, it was important to ensure that the false positive rate, the case when a claim is wrongfully detected as a fraudulent claim, is kept to a minimum. Given the similarity metric, in many applications it is impossible to achieve a 0% false positive rate. The product delivered a false positive rate under 0.1% through using cryptographic hashes to construct a signature for each document. Although these signatures introduce a false positive, they are large enough such that this rate does not exceed the 0.1% requirement.

Second, ensuring privacy was crucial in developing the Common Claims Repository. The Luther solution relies upon generating hashes that are resistant against bruteforce preimage attacks. Luther Systems specifically tunes the hashing function to be as difficult to break as possible, while maintaining the average detection delay requirement. Experimentally, it was found that to meet the requirements described in this document it would take a single ASIC 5.7e6 years to brute force a single hash. Even if the ASIC was as cheap as $1 and energy costs were ignored, it would cost over $5.7 million to brute force the hash and take (on average) 6 months. Typically, ASIC device prices are in the hundreds of dollars range.

Further applications

This case study focuses on the development of the Common Claims Repository for the two clients. It is worth noting that this product can easily be scaled and adopted by many more insurance companies. Should a new insurance company want to join the network, they can do so easily, and begin submitting claims to Luther System's APIs.